This is an automated email from the ASF dual-hosted git repository. acosentino pushed a commit to branch CAMEL-20775 in repository https://gitbox.apache.org/repos/asf/camel.git
commit 0ef5dc8503c4d402b2fcd096c291875ce1decddb Author: Andrea Cosentino <anco...@gmail.com> AuthorDate: Mon May 20 16:59:13 2024 +0200 CAMEL-20775 - camel-hashicorp-vault - configure multiple engines Signed-off-by: Andrea Cosentino <anco...@gmail.com> --- .../src/main/docs/hashicorp-vault-component.adoc | 32 ++++++++---------- docs/user-manual/modules/ROOT/pages/security.adoc | 38 ++++++++++------------ 2 files changed, 31 insertions(+), 39 deletions(-) diff --git a/components/camel-hashicorp-vault/src/main/docs/hashicorp-vault-component.adoc b/components/camel-hashicorp-vault/src/main/docs/hashicorp-vault-component.adoc index 102faa24b5f..a4958d0d1d5 100644 --- a/components/camel-hashicorp-vault/src/main/docs/hashicorp-vault-component.adoc +++ b/components/camel-hashicorp-vault/src/main/docs/hashicorp-vault-component.adoc @@ -50,7 +50,6 @@ To use this function, you'll need to provide credentials for Hashicorp vault as [source,bash] ---- export $CAMEL_VAULT_HASHICORP_TOKEN=token -export $CAMEL_VAULT_HASHICORP_ENGINE=secretKey export $CAMEL_VAULT_HASHICORP_HOST=host export $CAMEL_VAULT_HASHICORP_PORT=port export $CAMEL_VAULT_HASHICORP_SCHEME=http/https @@ -61,7 +60,6 @@ You can also configure the credentials in the `application.properties` file such [source,properties] ---- camel.vault.hashicorp.token = token -camel.vault.hashicorp.engine = engine camel.vault.hashicorp.host = host camel.vault.hashicorp.port = port camel.vault.hashicorp.scheme = scheme 
@@ -74,12 +72,12 @@ At this point, you'll be able to reference a property in the following way: <camelContext> <route> <from uri="direct:start"/> - <to uri="{{hashicorp:route}}"/> + <to uri="{{hashicorp:secret:route}}"/> </route> </camelContext> ---- -Where route will be the name of the secret stored in the Hashicorp Vault instance. +Where route will be the name of the secret stored in the Hashicorp Vault instance, in the 'secret' engine. You could specify a default value in case the secret is not present on Hashicorp Vault instance: @@ -88,12 +86,12 @@ You could specify a default value in case the secret is not present on Hashicorp <camelContext> <route> <from uri="direct:start"/> - <to uri="{{hashicorp:route:default}}"/> + <to uri="{{hashicorp:secret:route:default}}"/> </route> </camelContext> ---- -In this case, if the secret doesn't exist, the property will fall back to "default" as value. +In this case, if the secret doesn't exist in the 'secret' engine, the property will fall back to "default" as value. Also, you are able to get a particular field of the secret, if you have, for example, a secret named database of this form: 
@@ -109,33 +107,33 @@ Also, you are able to get a particular field of the secret, if you have, for exa } ---- -You're able to do get single secret value in your route, like for example: +You're able to do get single secret value in your route, in the 'secret' engine, like for example: [source,xml] ---- <camelContext> <route> <from uri="direct:start"/> - <log message="Username is {{hashicorp:database/username}}"/> + <log message="Username is {{hashicorp:secret:database/username}}"/> </route> </camelContext> ---- Or re-use the property as part of an endpoint. -You could specify a default value in case the particular field of secret is not present on Hashicorp Vault instance: +You could specify a default value in case the particular field of secret is not present on Hashicorp Vault instance, in the 'secret' engine: [source,xml] ---- <camelContext> <route> <from uri="direct:start"/> - <log message="Username is {{hashicorp:database/username:admin}}"/> + <log message="Username is {{hashicorp:secret:database/username:admin}}"/> </route> </camelContext> ---- -In this case, if the secret doesn't exist or the secret exists, but the username field is not part of the secret, the property will fall back to "admin" as value. +In this case, if the secret doesn't exist or the secret exists (in the 'secret' engine) but the username field is not part of the secret, the property will fall back to "admin" as value. There is also the syntax to get a particular version of the secret for both the approach, with field/default value specified or only with secret: @@ -144,12 +142,12 @@ There is also the syntax to get a particular version of the secret for both the <camelContext> <route> <from uri="direct:start"/> - <to uri="{{hashicorp:route@2}}"/> + <to uri="{{hashicorp:secret:route@2}}"/> </route> </camelContext> ---- -This approach will return the RAW route secret with version '2'. +This approach will return the RAW route secret with version '2', in the 'secret' engine. [source,xml] ---- 
@@ -161,20 +159,18 @@ This approach will return the RAW route secret with version '2'. </camelContext> ---- -This approach will return the route secret value with version '2' or default value in case the secret doesn't exist or the version doesn't exist. +This approach will return the route secret value with version '2' or default value in case the secret doesn't exist or the version doesn't exist (in the 'secret' engine). [source,xml] ---- <camelContext> <route> <from uri="direct:start"/> - <log message="Username is {{hashicorp:database/username:admin@2}}"/> + <log message="Username is {{hashicorp:secret:database/username:admin@2}}"/> </route> </camelContext> ---- -This approach will return the username field of the database secret with version '2' or admin in case the secret doesn't exist or the version doesn't exist. - -For the moment we are not considering the rotation function if any are applied, but it is in the work to be done. +This approach will return the username field of the database secret with version '2' or admin in case the secret doesn't exist or the version doesn't exist (in the 'secret' engine). The only requirement is adding the camel-hashicorp-vault jar to your Camel application. diff --git a/docs/user-manual/modules/ROOT/pages/security.adoc b/docs/user-manual/modules/ROOT/pages/security.adoc index 36f7a26eceb..f98e3cfddf8 100644 --- a/docs/user-manual/modules/ROOT/pages/security.adoc +++ b/docs/user-manual/modules/ROOT/pages/security.adoc 
@@ -422,12 +422,11 @@ The only requirement is adding the camel-azure-key-vault jar to your Camel appli ==== Using Hashicorp Vault -To use this function you'll need to provide credentials for Hashicorp vault as environment variables: +To use this function, you'll need to provide credentials for Hashicorp vault as environment variables: [source,bash] ---- export $CAMEL_VAULT_HASHICORP_TOKEN=token -export $CAMEL_VAULT_HASHICORP_ENGINE=secretKey export $CAMEL_VAULT_HASHICORP_HOST=host export $CAMEL_VAULT_HASHICORP_PORT=port export $CAMEL_VAULT_HASHICORP_SCHEME=http/https @@ -438,25 +437,24 @@ You can also configure the credentials in the `application.properties` file such [source,properties] ---- camel.vault.hashicorp.token = token -camel.vault.hashicorp.engine = engine camel.vault.hashicorp.host = host camel.vault.hashicorp.port = port camel.vault.hashicorp.scheme = scheme ---- -At this point you'll be able to reference a property in the following way: +At this point, you'll be able to reference a property in the following way: [source,xml] ---- <camelContext> <route> <from uri="direct:start"/> - <to uri="{{hashicorp:route}}"/> + <to uri="{{hashicorp:secret:route}}"/> </route> </camelContext> ---- -Where route will be the name of the secret stored in the Hashicorp Vault instance. +Where route will be the name of the secret stored in the Hashicorp Vault instance, in the 'secret' engine. You could specify a default value in case the secret is not present on Hashicorp Vault instance: 
@@ -465,14 +463,14 @@ You could specify a default value in case the secret is not present on Hashicorp <camelContext> <route> <from uri="direct:start"/> - <to uri="{{hashicorp:route:default}}"/> + <to uri="{{hashicorp:secret:route:default}}"/> </route> </camelContext> ---- -In this case if the secret doesn't exist, the property will fallback to "default" as value. +In this case, if the secret doesn't exist in the 'secret' engine, the property will fall back to "default" as value. -Also you are able to get particular field of the secret, if you have for example a secret named database of this form: +Also, you are able to get a particular field of the secret, if you have, for example, a secret named database of this form: [source,bash] ---- 
@@ -486,33 +484,33 @@ Also you are able to get particular field of the secret, if you have for example } ---- -You're able to do get single secret value in your route, like for example: +You're able to do get single secret value in your route, in the 'secret' engine, like for example: [source,xml] ---- <camelContext> <route> <from uri="direct:start"/> - <log message="Username is {{hashicorp:database/username}}"/> + <log message="Username is {{hashicorp:secret:database/username}}"/> </route> </camelContext> ---- Or re-use the property as part of an endpoint. -You could specify a default value in case the particular field of secret is not present on Hashicorp Vault instance: +You could specify a default value in case the particular field of secret is not present on Hashicorp Vault instance, in the 'secret' engine: [source,xml] ---- <camelContext> <route> <from uri="direct:start"/> - <log message="Username is {{hashicorp:database/username:admin}}"/> + <log message="Username is {{hashicorp:secret:database/username:admin}}"/> </route> </camelContext> ---- -In this case if the secret doesn't exist or the secret exists, but the username field is not part of the secret, the property will fallback to "admin" as value. +In this case, if the secret doesn't exist or the secret exists (in the 'secret' engine) but the username field is not part of the secret, the property will fall back to "admin" as value. There is also the syntax to get a particular version of the secret for both the approach, with field/default value specified or only with secret: @@ -521,12 +519,12 @@ There is also the syntax to get a particular version of the secret for both the <camelContext> <route> <from uri="direct:start"/> - <to uri="{{hashicorp:route@2}}"/> + <to uri="{{hashicorp:secret:route@2}}"/> </route> </camelContext> ---- -This approach will return the RAW route secret with version '2'. +This approach will return the RAW route secret with version '2', in the 'secret' engine. [source,xml] ---- 
@@ -538,21 +536,19 @@ This approach will return the RAW route secret with version '2'. </camelContext> ---- -This approach will return the route secret value with version '2' or default value in case the secret doesn't exist or the version doesn't exist. +This approach will return the route secret value with version '2' or default value in case the secret doesn't exist or the version doesn't exist (in the 'secret' engine). [source,xml] ---- <camelContext> <route> <from uri="direct:start"/> - <log message="Username is {{hashicorp:database/username:admin@2}}"/> + <log message="Username is {{hashicorp:secret:database/username:admin@2}}"/> </route> </camelContext> ---- -This approach will return the username field of the database secret with version '2' or admin in case the secret doesn't exist or the version doesn't exist. - -The only requirement is adding the camel-hashicorp-vault jar to your Camel application. +This approach will return the username field of the database secret with version '2' or admin in case the secret doesn't exist or the version doesn't exist (in the 'secret' engine). ==== Automatic Camel context reloading on Secret Refresh while using AWS Secrets Manager
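Review bot: The bash block in the first hunk of each file (@@ -50,7 +50,6 @@ and @@ -422,12 +422,11 @@) keeps the leading `$` on the variable names, as in `export $CAMEL_VAULT_HASHICORP_TOKEN=token`. The shell expands `$CAMEL_VAULT_HASHICORP_TOKEN` before `export` runs, so the token is never set under that name and a reader who copies the block ends up with no Vault credentials configured. Since the ENGINE line is being removed from this block anyway, drop the `$` from the four remaining lines, for example `export CAMEL_VAULT_HASHICORP_TOKEN=token`.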
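Review bot: Missing upgrade guidance in the default-value hunks (@@ -88,12 +86,12 @@ and @@ -465,14 +463,14 @@): the old form `{{hashicorp:route:default}}` and the new form `{{hashicorp:secret:route}}` have the same number of colon-separated segments, so an existing placeholder left unchanged would read as engine `route`, secret `default` under the new layout. With the `camel.vault.hashicorp.engine` property removed in the same commit, the docs should say explicitly that the first segment after `hashicorp:` is always the engine and is mandatory, and the change deserves an entry in the upgrade guide so that old placeholders are not silently resolved against the wrong engine or secret.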
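Review bot: In the field-default hunks (@@ -109,33 +107,33 @@ and @@ -486,33 +484,33 @@), the sentence for `{{hashicorp:secret:database/username:admin}}` does not say what happens when the engine name itself is wrong or not readable with the configured token. If that case is also treated as "secret doesn't exist", a typo in the engine segment makes the route run with the literal `admin` instead of failing, which is worth stating next to an example that defaults a credential field. The parenthetical "(in the 'secret' engine)" is also attached only to "the secret exists"; move it so it covers both cases, and fix "You're able to do get single secret value" to "You're able to get a single secret value" while the line is being rewritten.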
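Review bot: The example described by the updated sentence "This approach will return the route secret value with version '2' or default value ..." is not touched by this patch. In the component doc the hunk @@ -144,12 +142,12 @@ ends at the opening `[source,xml]` fence and the next hunk (@@ -161,20 +159,18 @@) starts at `</camelContext>`, so old lines 156-160 are unchanged; the same gap exists in security.adoc between @@ -521,12 +519,12 @@ and @@ -538,21 +536,19 @@. That leaves the one version-plus-default example without the engine segment while the text under it now says "(in the 'secret' engine)". Please update that placeholder in both files so every example uses the new form.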
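Review bot: The last hunk of each file removes a sentence that has nothing to do with configuring multiple engines, and the two files are treated differently. In hashicorp-vault-component.adoc (@@ -161,20 +159,18 @@) the line "For the moment we are not considering the rotation function ..." is dropped while "The only requirement is adding the camel-hashicorp-vault jar to your Camel application." stays as context; in security.adoc (@@ -538,21 +536,19 @@) it is the jar requirement that is deleted, so the section now runs straight into "==== Automatic Camel context reloading on Secret Refresh while using AWS Secrets Manager". If the jar sentence was removed by accident, restore it in security.adoc; if both removals are intended, mention them in the commit message.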